SYSTEM AND METHOD FOR AUTHENTICATING A RF TRANSACTION USING A RADIO FREQUENCY IDENTIFICATION DEVICE INCLUDING A TRANSACTION COUNTER
First Claim
1. A method for securing a radio frequency (RF) transaction comprising:
- receiving a RF reader authentication tag, a transaction account number, a RF transaction device authentication tag, and a RF transaction device counter value;
verifying the RF reader authentication tag, RF transaction device authentication tag, and RF transaction device counter value;
processing a transaction request, wherein the RF transaction device authentication tag, RF reader authentication tag, and RF transaction device counter value are verified, the RF transaction device authentication tag being produced using a RF transaction device encryption key, the RF transaction device counter value, the transaction account number, and a random number, where the RF transaction device encryption key, the RF transaction device counter value, and the transaction account number are provided by a RF transaction device and the random number is provided by a RF reader, and wherein the RF reader authentication tag is produced using the RF transaction device authentication tag, the RF transaction device counter value, the random number, and transaction account number.
5 Assignments
0 Petitions
Accused Products
Abstract
A system and method for securing a Radio Frequency (RF) transaction using a RF identification device (RFID) transaction device is provided. RFID transaction device includes a transactions counter for tallying the number of transactions attempted or completed with the RFID transactions device. Counter value is used to create a RFID device authentication tag for use in validating the RFID device. A RFID reader, interacting with the RFID device, provides a random number to the RFID device which may be used in the RFID device authentication tag creation and validation. RFID reader may also use counter value and random number to create a RFID reader authentication key useful for validating RFID reader. RFID transaction device may include an encryption key for creating RFID transaction device authentication tag. Likewise, RFID reader may include a RFID reader encryption key for creating RFID reader authentication tag.
-
Citations
26 Claims
-
1. A method for securing a radio frequency (RF) transaction comprising:
-
receiving a RF reader authentication tag, a transaction account number, a RF transaction device authentication tag, and a RF transaction device counter value;
verifying the RF reader authentication tag, RF transaction device authentication tag, and RF transaction device counter value;
processing a transaction request, wherein the RF transaction device authentication tag, RF reader authentication tag, and RF transaction device counter value are verified, the RF transaction device authentication tag being produced using a RF transaction device encryption key, the RF transaction device counter value, the transaction account number, and a random number, where the RF transaction device encryption key, the RF transaction device counter value, and the transaction account number are provided by a RF transaction device and the random number is provided by a RF reader, and wherein the RF reader authentication tag is produced using the RF transaction device authentication tag, the RF transaction device counter value, the random number, and transaction account number. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for facilitating securing a radio frequency transaction comprising:
-
receiving a RF transaction device authentication tag, a transaction account number, a transaction account expiration date, and a RF transaction device counter value;
verifying the RF transaction device authentication tag using a corresponding RF transaction device encryption key, the corresponding RF transaction device encryption key corresponding to a RF transaction device encryption key referenced to a RF transaction device;
verifying the RF transaction device counter value; and
processing a transaction request wherein the RF transaction device authentication tag and the RF transaction device counter is verified, the RF transaction device authentication tag being produced using the RF transaction device encryption key, a random number, the RF transaction device counter value and the transaction account number, where the RF transaction device encryption key, the RF transaction device counter value, and the transaction account number are provided by a RF transaction device, and wherein the random number is provided by a RF reader. - View Dependent Claims (11)
-
- 12. A method of claim 111 where counter value is verified by comparing counter value to an expected counter value.
-
16. A method for facilitating securing a radio frequency (RF) transaction comprising:
-
receiving a RF reader authentication tag, a transaction account number, and a merchant POS encryption key;
verifying the RF reader authentication tag using the merchant POS encryption key; and
processing a transaction request where the RF reader authentication tag is verified, the RF reader authentication tag being produced using a RF transaction device counter value, a RF reader encryption key, and transaction account number, where the RF transaction device counter value and the transaction account number is provided by a RF transaction device, and the RF reader encryption key is provided by a RF reader. - View Dependent Claims (17, 18, 19, 20)
-
-
21. A system configured to facilitate securing a RF transaction comprising:
-
a. RF transaction device, said RF transaction device including;
i. a RF transaction device database configured to store transaction account number, transaction account expiration date, RF transaction device encryption key;
ii. a RF transaction device counter, said counter having a counter value;
iii. a RF transaction device processor configured to increment said counter value; and
iv. a RF transponder configured to transmit said transaction account number, transaction account expiration date, RF transaction device encryption key and counter value;
b. a RFID reader in RF communication with said RF transaction device configured to receive said transaction account number, transaction account expiration date, RF transaction device encryption key, and said counter value, said RFID reader including a random number generator for generating a random number, said RFID reader configured to provide said random number to said RF transaction device;
c. a merchant point of sale (POS) in communication with said RFID reader, said merchant POS including a merchant POS identifier, i. said RF transaction device configured to receive said random number and produce a RF transaction device authentication tag using the RF transaction device encryption key, said random number, said counter value and said RF transaction device encryption key, said RF transaction device configured to provide said RF transaction device authentication tag, RF transaction device encryption key, said random number, said counter value and said RF transaction device encryption key to said RFID reader, said RFID reader configured to produce a RFID reader authentication tag using said RF transaction device authentication tag, said random number, said counter value and said transaction account number, said RFID reader configured to convert said RF transaction device authentication tag, RF transaction device encryption key, said random number, said counter value and said transaction account number to a merchant POS recognizable format; and
d. an issuer system in communication with said merchant POS, said issuer system configured to locate a RFID reader encryption key using said merchant POS identifier, rehash from said RFID reader authentication tag, the transaction account number, counter value, random number, and said RF transaction device authentication tag using said RFID reader encryption key, verify said RF transaction device authentication tag using a corresponding RF transaction device encryption key, and verify said counter value, and to process a transaction request where said RFID reader authentication tag, said RF transaction device authentication tag, and said counter value are verified.
-
-
22. A system configured to facilitate securing a RF transaction comprising:
-
a. a RF transaction device, said RF transaction device including;
i. a RF transaction device database configured to store transaction account number, transaction account expiration date, RF transaction device encryption key;
ii. a RF transaction device counter, said counter having a counter value;
iii. a RF transaction device processor configured to increment said counter value; and
iv. a RF transponder configured to transmit said transaction account number, transaction account expiration date, RF transaction device encryption key and counter value;
b. a RFID reader in RF communication with said RF transaction device configured to receive said transaction account number, transaction account expiration date, RF transaction device encryption key, and said counter value, said RFID reader including a random number generator for generating a random number, said RFID reader configured to provide said random number to said RF transaction device;
c. a merchant point of sale (POS) in communication with said RFID reader, said merchant POS including a merchant POS identifier, said RF transaction device configured to receive said random number and produce a RF transaction device authentication tag using the RF transaction device encryption key, said random number, said counter value and said RF transaction device encryption key, said RF transaction device configured to provide said RF transaction device authentication tag, RF transaction device encryption key, said random number, said counter value and said RF transaction device encryption key to said RFID reader, said RFID reader configured to convert said RF transaction device authentication tag, RF transaction device encryption key, said random number, said counter value and said transaction account number to a merchant POS recognizable format; and
d. an issuer system in communication with said merchant POS, said issuer system configured verify said RF transaction device authentication tag using a using a corresponding RF transaction device encryption key, and verify said counter value, and process a transaction request where said RF transaction device authentication tag and said counter value are verified.
-
-
23. A system configured to facilitate securing a RF transaction comprising:
-
a. a RF transaction device, said RF transaction device including;
i. a RF transaction device database configured to store transaction account number, and a transaction account expiration date;
ii. a RF transaction device counter, said counter having a counter value;
iii. a RF transaction device processor configured to increment said counter value; and
iv. a RF transponder configured to transmit said transaction account number, transaction account expiration date, and counter value;
b. a RFID reader in RF communication with said RF transaction device configured to receive said transaction account number, transaction account expiration date, and said counter value;
c. a merchant point of sale (POS) in communication with said RFID reader, said merchant POS including a merchant POS encryption key, said RF transaction device configured to receive said random number and said RF transaction device configured to provide said RF transaction device authentication tag, RF transaction device encryption key, said random number, said counter value to said RFID reader, said RFID reader configured to produce a RFID reader authentication tag using a RFID reader encryption key, said RFID reader configured to convert, RFID authentication tag, said random number, said counter value and said transaction account number to a merchant POS recognizable format; and
d. an issuer system in communication with said merchant POS, said issuer system configured to locate a RFID reader encryption key using said merchant POS encryption key, verify said RFID reader authentication tag using said merchant POS encryption key, and verify said counter value, and to process a transaction request where said RFID reader authentication tag and said counter are verified.
-
-
24. A computer-readable storage medium containing a set of instructions for a general purpose computer configured for:
-
receiving a RF reader authentication tag, a transaction account number, a RF transaction device authentication tag, and a RF transaction device counter value;
verifying the RF reader authentication tag, RF transaction device authentication tag, and RF transaction device counter value; and
processing a transaction request where the RF transaction device authentication tag, RF reader authentication tag, and RF transaction device counter value are verified, the RF transaction device authentication tag being produced using a RF transaction device encryption key, the RF transaction device counter value, the transaction account number, and a random number, where the RF transaction device encryption key, the RF transaction device counter value, and the transaction account number are provided by a RF transaction device and the random number is provided by a RF reader, and wherein the RF reader authentication tag is produced using the RF transaction device authentication tag, the RF transaction device counter value, the random number, and transaction account number.
-
-
25. A computer-readable storage medium containing a set of instructions for a general purpose computer configured for:
-
receiving a RF transaction device authentication tag, a transaction account number, a transaction account expiration date, and a RF transaction device counter value, verifying the RF transaction device authentication tag using a corresponding RF transaction device encryption key, the corresponding RF transaction device encryption key corresponding to a RF transaction device encryption key referenced to a RF transaction device;
verifying the RF transaction device counter value; and
processing a transaction request where the RF transaction device authentication tag and the RF transaction device counter is verified, the RF transaction device authentication tag being produced using the RF transaction device encryption key, a random number, the RF transaction device counter value and the transaction account number, where the RF transaction device encryption key, the RF transaction device counter value, and the transaction account number are provided by a RF transaction device, wherein the random number is provided by a RF reader.
-
-
26. A computer-readable storage medium containing a set of instructions for a general purpose computer configured for:
-
receiving a RF reader authentication tag, a transaction account number, and a merchant POS encryption key;
verifying the RF reader authentication tag using the merchant POS encryption key; and
processing a transaction request where the RF reader authentication tag is verified, the RF reader authentication tag being produced using a RF transaction device counter value, a RF reader encryption key, and transaction account number, where the RF transaction device counter value and the transaction account number is provided by a RF transaction device, and wherein the RF reader encryption key is provided by a RF reader.
-
Specification